diff options
| -rw-r--r-- | capabilities-map.yaml | 7 | ||||
| -rw-r--r-- | common/deploy-steps-tasks.yaml | 2 | ||||
| -rw-r--r-- | common/deploy-steps.j2 | 14 | ||||
| -rw-r--r-- | deployed-server/deployed-server-roles-data.yaml | 1 | ||||
| -rwxr-xr-x | docker/docker-puppet.py | 1 | ||||
| -rw-r--r-- | docker/services/ceph-ansible/ceph-base.yaml | 2 | ||||
| -rw-r--r-- | environments/contrail/roles_data_contrail.yaml | 1 | ||||
| -rw-r--r-- | environments/manila-isilon-config.yaml | 17 | ||||
| -rw-r--r-- | overcloud-resource-registry-puppet.j2.yaml | 1 | ||||
| -rw-r--r-- | puppet/services/manila-backend-isilon.yaml | 72 | ||||
| -rw-r--r-- | puppet/services/rabbitmq.yaml | 1 | ||||
| -rw-r--r-- | releasenotes/notes/isilon_manila_e9677898724a11e7.yaml | 4 | ||||
| -rw-r--r-- | roles/Controller.yaml | 1 | ||||
| -rw-r--r-- | roles/ControllerOpenstack.yaml | 1 | ||||
| -rw-r--r-- | roles_data.yaml | 1 |
15 files changed, 117 insertions, 9 deletions
diff --git a/capabilities-map.yaml b/capabilities-map.yaml index 2c91803b..26100639 100644 --- a/capabilities-map.yaml +++ b/capabilities-map.yaml @@ -426,6 +426,13 @@ topics: - file: environments/manila-vmax-config.yaml title: Deploys Manila with VMAX driver description: Deploys Manila and configures VMAX as its default backend. + - title: Manila with Isilon + description: > + Deploys Manila and configures it with the Isilon driver. + environments: + - file: environments/manila-isilon-config.yaml + title: Deploys Manila with Isilon driver + description: Deploys Manila and configures Isilon as its default backend. requires: - overcloud-resource-registry-puppet.yaml - title: Glance backends diff --git a/common/deploy-steps-tasks.yaml b/common/deploy-steps-tasks.yaml index f0729425..73d3036c 100644 --- a/common/deploy-steps-tasks.yaml +++ b/common/deploy-steps-tasks.yaml @@ -5,7 +5,7 @@ # Per step puppet configuration of the baremetal host ##################################################### - name: Write the config_step hieradata - copy: content="{{dict(step=step|int)|to_json}}" dest=/etc/puppet/hieradata/config_step.json force=true + copy: content="{{dict(step=step|int)|to_json}}" dest=/etc/puppet/hieradata/config_step.json force=true mode=0600 - name: Run puppet host configuration for step {{step}} command: >- puppet apply diff --git a/common/deploy-steps.j2 b/common/deploy-steps.j2 index 3af48464..1119fb60 100644 --- a/common/deploy-steps.j2 +++ b/common/deploy-steps.j2 @@ -190,29 +190,29 @@ resources: - name: Create /var/lib/tripleo-config directory file: path=/var/lib/tripleo-config state=directory - name: Write the puppet step_config manifest - copy: content="{{puppet_step_config}}" dest=/var/lib/tripleo-config/puppet_step_config.pp force=yes + copy: content="{{puppet_step_config}}" dest=/var/lib/tripleo-config/puppet_step_config.pp force=yes mode=0600 # this creates a JSON config file for our docker-puppet.py script - name: Create /var/lib/docker-puppet file: path=/var/lib/docker-puppet state=directory - name: Write docker-puppet-tasks json files - copy: content="{{puppet_config | to_json}}" dest=/var/lib/docker-puppet/docker-puppet.json force=yes + copy: content="{{puppet_config | to_json}}" dest=/var/lib/docker-puppet/docker-puppet.json force=yes mode=0600 # FIXME: can we move docker-puppet somewhere so it's installed via a package? - name: Write docker-puppet.py - copy: content="{{docker_puppet_script}}" dest=/var/lib/docker-puppet/docker-puppet.py force=yes + copy: content="{{docker_puppet_script}}" dest=/var/lib/docker-puppet/docker-puppet.py force=yes mode=0600 # Here we are dumping all the docker container startup configuration data # so that we can have access to how they are started outside of heat # and docker-cmd. This lets us create command line tools to test containers. # FIXME do we need the docker-container-startup-configs.json or is the new per-step # data consumed by paunch enough? - name: Write docker-container-startup-configs - copy: content="{{docker_startup_configs | to_json}}" dest=/var/lib/docker-container-startup-configs.json force=yes + copy: content="{{docker_startup_configs | to_json}}" dest=/var/lib/docker-container-startup-configs.json force=yes mode=0600 - name: Write per-step docker-container-startup-configs - copy: content="{{item.value|to_json}}" dest="/var/lib/tripleo-config/docker-container-startup-config-{{item.key}}.json" force=yes + copy: content="{{item.value|to_json}}" dest="/var/lib/tripleo-config/docker-container-startup-config-{{item.key}}.json" force=yes mode=0600 with_dict: "{{docker_startup_configs}}" - name: Create /var/lib/kolla/config_files directory file: path=/var/lib/kolla/config_files state=directory - name: Write kolla config json files - copy: content="{{item.value|to_json}}" dest="{{item.key}}" force=yes + copy: content="{{item.value|to_json}}" dest="{{item.key}}" force=yes mode=0600 with_dict: "{{kolla_config}}" ######################################################## # Bootstrap tasks, only performed on bootstrap_server_id @@ -225,7 +225,7 @@ resources: - /var/lib/docker-puppet/docker-puppet-tasks*.json when: deploy_server_id == bootstrap_server_id - name: Write docker-puppet-tasks json files - copy: content="{{item.value|to_json}}" dest=/var/lib/docker-puppet/docker-puppet-tasks{{item.key.replace("step_", "")}}.json force=yes + copy: content="{{item.value|to_json}}" dest=/var/lib/docker-puppet/docker-puppet-tasks{{item.key.replace("step_", "")}}.json force=yes mode=0600 with_dict: "{{docker_puppet_tasks}}" when: deploy_server_id == bootstrap_server_id {%- endraw %} diff --git a/deployed-server/deployed-server-roles-data.yaml b/deployed-server/deployed-server-roles-data.yaml index 3344a812..7623eda6 100644 --- a/deployed-server/deployed-server-roles-data.yaml +++ b/deployed-server/deployed-server-roles-data.yaml @@ -82,6 +82,7 @@ - OS::TripleO::Services::ManilaApi - OS::TripleO::Services::ManilaScheduler - OS::TripleO::Services::ManilaBackendGeneric + - OS::TripleO::Services::ManilaBackendIsilon - OS::TripleO::Services::ManilaBackendNetapp - OS::TripleO::Services::ManilaBackendUnity - OS::TripleO::Services::ManilaBackendCephFs diff --git a/docker/docker-puppet.py b/docker/docker-puppet.py index 613adf10..0451ed51 100755 --- a/docker/docker-puppet.py +++ b/docker/docker-puppet.py @@ -366,6 +366,7 @@ for infile in infiles: outfile = os.path.join(os.path.dirname(infile), "hashed-" + os.path.basename(infile)) with open(outfile, 'w') as out_f: + os.chmod(out_f.name, 0600) json.dump(infile_data, out_f) if not success: diff --git a/docker/services/ceph-ansible/ceph-base.yaml b/docker/services/ceph-ansible/ceph-base.yaml index bf2c86c4..2f2af2d6 100644 --- a/docker/services/ceph-ansible/ceph-base.yaml +++ b/docker/services/ceph-ansible/ceph-base.yaml @@ -241,7 +241,7 @@ outputs: - - client - {get_param: ManilaCephFSNativeCephFSAuthId} key: {get_param: CephManilaClientKey} - mon_cap: "allow r, allow command auth del, allow command auth caps, allow command auth get, allow command auth get-or-create" + mon_cap: 'allow r, allow command \\\"auth del\\\", allow command \\\"auth caps\\\", allow command \\\"auth get\\\", allow command \\\"auth get-or-create\\\"' mds_cap: "allow *" osd_cap: "allow rw" mode: "0644" diff --git a/environments/contrail/roles_data_contrail.yaml b/environments/contrail/roles_data_contrail.yaml index 4b170751..bd697160 100644 --- a/environments/contrail/roles_data_contrail.yaml +++ b/environments/contrail/roles_data_contrail.yaml @@ -87,6 +87,7 @@ - OS::TripleO::Services::ManilaBackendGeneric - OS::TripleO::Services::ManilaBackendNetapp - OS::TripleO::Services::ManilaBackendUnity + - OS::TripleO::Services::ManilaBackendIsilon - OS::TripleO::Services::ManilaBackendCephFs - OS::TripleO::Services::ManilaBackendVNX - OS::TripleO::Services::ManilaBackendVMAX diff --git a/environments/manila-isilon-config.yaml b/environments/manila-isilon-config.yaml new file mode 100644 index 00000000..809900c8 --- /dev/null +++ b/environments/manila-isilon-config.yaml @@ -0,0 +1,17 @@ +# This environment file enables Manila with the Isilon backend. +resource_registry: + OS::TripleO::Services::ManilaApi: ../puppet/services/manila-api.yaml + OS::TripleO::Services::ManilaScheduler: ../puppet/services/manila-scheduler.yaml + # Only manila-share is pacemaker managed: + OS::TripleO::Services::ManilaShare: ../puppet/services/pacemaker/manila-share.yaml + OS::TripleO::Services::ManilaBackendIsilon: ../puppet/services/manila-backend-isilon.yaml + +parameter_defaults: + ManilaIsilonBackendName: tripleo_isilon + ManilaIsilonDriverHandlesShareServers: true + ManilaIsilonNasLogin: '' + ManilaIsilonNasPassword: '' + ManilaIsilonNasServer: '' + ManilaIsilonNasRootDir: '' + ManilaIsilonNasServerPort: 8080 + ManilaIsilonNasServerSecure: '' diff --git a/overcloud-resource-registry-puppet.j2.yaml b/overcloud-resource-registry-puppet.j2.yaml index bc14adb0..8f4b4b48 100644 --- a/overcloud-resource-registry-puppet.j2.yaml +++ b/overcloud-resource-registry-puppet.j2.yaml @@ -231,6 +231,7 @@ resource_registry: OS::TripleO::Services::ManilaScheduler: OS::Heat::None OS::TripleO::Services::ManilaShare: OS::Heat::None OS::TripleO::Services::ManilaBackendGeneric: OS::Heat::None + OS::TripleO::Services::ManilaBackendIsilon: OS::Heat::None OS::TripleO::Services::ManilaBackendNetapp: OS::Heat::None OS::TripleO::Services::ManilaBackendUnity: OS::Heat::None OS::TripleO::Services::ManilaBackendVMAX: OS::Heat::None diff --git a/puppet/services/manila-backend-isilon.yaml b/puppet/services/manila-backend-isilon.yaml new file mode 100644 index 00000000..6d8a1fb6 --- /dev/null +++ b/puppet/services/manila-backend-isilon.yaml @@ -0,0 +1,72 @@ +heat_template_version: pike + +description: > + Openstack Manila isilon backend. + +parameters: + ManilaIsilonDriverHandlesShareServers: + type: string + default: true + ManilaIsilonBackendName: + type: string + default: tripleo_isilon + ManilaIsilonNasLogin: + type: string + default: '' + ManilaIsilonNasPassword: + type: string + default: '' + ManilaIsilonNasServer: + type: string + default: '' + ManilaIsilonNasRootDir: + type: string + default: '' + ManilaIsilonNasServerPort: + type: number + default: 8080 + ManilaIsilonNasServerSecure: + type: string + default: '' + ServiceData: + default: {} + description: Dictionary packing service data + type: json + ServiceNetMap: + default: {} + description: Mapping of service_name -> network name. Typically set + via parameter_defaults in the resource registry. This + mapping overrides those in ServiceNetMapDefaults. + type: json + DefaultPasswords: + default: {} + type: json + RoleName: + default: '' + description: Role name on which the service is applied + type: string + RoleParameters: + default: {} + description: Parameters specific to the role + type: json + EndpointMap: + default: {} + type: json + description: Mapping of service endpoint -> protocol. Typically set + via parameter_defaults in the resource registry. + +outputs: + role_data: + description: Role data for the Manila Isilon backend. + value: + service_name: manila_backend_isilon + config_settings: + manila::backend::dellemc_isilon::title: {get_param: ManilaIsilonBackendName} + manila::backend::dellemc_isilon::emc_nas_login: {get_param: ManilaIsilonNasLogin} + manila::backend::dellemc_isilon::driver_handles_share_servers: {get_param: ManilaIsilonDriverHandlesShareServers} + manila::backend::dellemc_isilon::emc_nas_password: {get_param: ManilaIsilonNasPassword} + manila::backend::dellemc_isilon::emc_nas_server: {get_param: ManilaIsilonNasServer} + manila::backend::dellemc_isilon::emc_nas_root_dir: {get_param: ManilaIsilonNasRootDir} + manila::backend::dellemc_isilon::emc_nas_server_port: {get_param: ManilaIsilonNasServerPort} + manila::backend::dellemc_isilon::emc_nas_server_secure: {get_param: ManilaIsilonNasServerSecure} + step_config: diff --git a/puppet/services/rabbitmq.yaml b/puppet/services/rabbitmq.yaml index ba3a0984..a1a60201 100644 --- a/puppet/services/rabbitmq.yaml +++ b/puppet/services/rabbitmq.yaml @@ -122,6 +122,7 @@ outputs: rabbitmq::interface: {get_param: [ServiceNetMap, RabbitmqNetwork]} rabbitmq::nr_ha_queues: {get_param: RabbitHAQueues} rabbitmq::ssl: {get_param: EnableInternalTLS} + rabbitmq::ssl_erl_dist: {get_param: EnableInternalTLS} rabbitmq::ssl_port: 5672 rabbitmq::ssl_depth: 1 rabbitmq::ssl_only: {get_param: EnableInternalTLS} diff --git a/releasenotes/notes/isilon_manila_e9677898724a11e7.yaml b/releasenotes/notes/isilon_manila_e9677898724a11e7.yaml new file mode 100644 index 00000000..8eb50b8f --- /dev/null +++ b/releasenotes/notes/isilon_manila_e9677898724a11e7.yaml @@ -0,0 +1,4 @@ +--- +features: + - | + Add support for Dell EMC Isilon manila driver diff --git a/roles/Controller.yaml b/roles/Controller.yaml index 603aec9d..88e4dfed 100644 --- a/roles/Controller.yaml +++ b/roles/Controller.yaml @@ -82,6 +82,7 @@ - OS::TripleO::Services::ManilaApi - OS::TripleO::Services::ManilaBackendCephFs - OS::TripleO::Services::ManilaBackendGeneric + - OS::TripleO::Services::ManilaBackendIsilon - OS::TripleO::Services::ManilaBackendNetapp - OS::TripleO::Services::ManilaBackendUnity - OS::TripleO::Services::ManilaBackendVNX diff --git a/roles/ControllerOpenstack.yaml b/roles/ControllerOpenstack.yaml index 22ae5a9c..cc497822 100644 --- a/roles/ControllerOpenstack.yaml +++ b/roles/ControllerOpenstack.yaml @@ -66,6 +66,7 @@ - OS::TripleO::Services::ManilaApi - OS::TripleO::Services::ManilaBackendCephFs - OS::TripleO::Services::ManilaBackendGeneric + - OS::TripleO::Services::ManilaBackendIsilon - OS::TripleO::Services::ManilaBackendNetapp - OS::TripleO::Services::ManilaBackendUnity - OS::TripleO::Services::ManilaBackendVNX diff --git a/roles_data.yaml b/roles_data.yaml index d4a928c2..1cdaf262 100644 --- a/roles_data.yaml +++ b/roles_data.yaml @@ -85,6 +85,7 @@ - OS::TripleO::Services::ManilaApi - OS::TripleO::Services::ManilaBackendCephFs - OS::TripleO::Services::ManilaBackendGeneric + - OS::TripleO::Services::ManilaBackendIsilon - OS::TripleO::Services::ManilaBackendNetapp - OS::TripleO::Services::ManilaBackendUnity - OS::TripleO::Services::ManilaBackendVNX |